TrapDoor malware campaign puts developer workstations in CISO spotlight (opens in new tab)

A malicious package campaign across npm, PyPI, and Crates.io has put developer workstations back under scrutiny, after researchers said it targeted developer workflows and AI coding assistant files. Researchers at Socket said the campaign, which they are tracking as TrapDoor, “spans more than 34 malicious packages and 384+ related versions and artifacts” across the three open-source ecosystems. The packages were designed to steal developer secrets, including AWS credentials, GitHub tokens, SS...